Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment: Re:$30 (Score 4, Informative) 515

by Thagg (#49659523) Attached to: Examining Costs and Prices For California's High-Speed Rail Project

DreadPirate, you are really not calculating correctly. I know it sounds cheap, but it isn't. If you can get there for $30 in gas, that's 40 miles per gallon -- not bad. Still, that's 7.5 cents/mile.

Say you bought a used car for $10,000, and can drive it for 100,000 miles. That's 10 cents a mile. More than gas.

Oil changes every 5,000 miles at $40? That's another penny a mile.

Tires at $300 every 30,000 miles? Another penny a mile.

Let's not talk about what your time is worth (you might really enjoy the drive), or insurance (not too dependent on miles driven) -- but still, that's about 20 cents a mile, or $80.

Most people don't really like to think how expensive driving is, but it isn't cheap. We have been taught that it's all about the gas, but it just isn't.

Comment: Re:why so long (Score 3, Interesting) 136

by Thagg (#49624589) Attached to: Opportunity Rover Reaches Martian Day 4,000 of Its 90-Day Mission

It's kind of interesting.

One of the big reasons that they thought it would be limited to 90 days is that the solar panels get covered in dust, and as that happens the amount of energy collected diminishes. They figured in about 90 days, based on previous missions to Mars, they'd be out of juice.

And...for the first 50 days or so, it was going that way. And then, a whirlwind came by, and scrubbed the rover clean. This has happened many many times since. An unexpected good fortune.

Comment: Re: The answer has been clear (Score 1) 390

by jd (#49575883) Attached to: Why the Journey To IPv6 Is Still the Road Less Traveled

Multiple IPs was one solution, but the other was much simpler.

The real address of the computer was its MAC, the prefix simply said how to get there. In the event of a failover, the client's computer would be notified the old prefix was now transitory and a new prefix was to be used for new connections.

At the last common router, the router would simply swap the transitory prefix for the new prefix. The packet would then go by the new path.

The server would multi-home for all prefixes it was assigned.

At both ends, the stack would handle all the detail, the applications never needed to know a thing. That's why nobody cared much about remembering IP addresses, because those weren't important except to the stack. You remembered the name and the address took care of itself.

One of the benefits was that this worked when switching ISPs. If you changed your provider, you could do so with no loss of connections and no loss of packets.

But the same was true of clients, as well. You could start a telnet session at home, move to a cyber cafe and finish up in a pub, all without breaking the connection, even if all three locations had different ISPs.

This would be great for students or staff at a university. And for the university. You don't need the network to be flat, you can remain on your Internet video session as your laptop leaps from access point to access point.

Comment: Re: How about basic security? (Score 5, Informative) 390

by jd (#49516499) Attached to: Why the Journey To IPv6 Is Still the Road Less Traveled

IPSec is perfectly usable.

Telebit demonstrated transparent routing (ie: total invisibility of internal networks without loss of connectivity) in 1996.

IPv6 has a vastly simpler header, which means a vastly simpler stack. This means fewer defects, greater robustness and easier testing. It also means a much smaller stack, lower latency and fewer corner cases.

IPv6 is secure by design. IPv4 isn't secure and there is nothing you can design to make it so.

Comment: Re: Waiting for the killer app ... (Score 3, Informative) 390

by jd (#49516451) Attached to: Why the Journey To IPv6 Is Still the Road Less Traveled

IPv6 would help both enormously. Lower latency on routing means faster responses.

IP Mobility means users can move between ISPs without posts breaking, losing responses to queries, losing hangout or other chat service connections, or having to continually re-authenticate.

Autoconfiguration means both can add servers just by switching the new machines on.

Because IPv4 has no native security, it's vulnerable to a much wider range of attacks and there's nothing the vendors can do about them.

Comment: Re: DNS without DHCP (Score 4, Informative) 390

by jd (#49516387) Attached to: Why the Journey To IPv6 Is Still the Road Less Traveled

Anycast tells you what services are on what IP. There are other service discovery protocols, but anycast was designed specifically for IPv6 bootstrapping. It's very simple. Multicast out a request for who runs a service, the machine with the service unicasts back that it does.

Dynamic DNS lets you tell the DNS server who lives at what IP.

IPv6 used to have other features - being able to move from one network to another without dropping a connection (and sometimes without dropping a packet), for example. Extended headers were actually used to add features to the protocol on-the-fly. Packet fragmentation was eliminated by having per-connection MTUs. All routing was hierarchical, requiring routers to examine at most three bytes. Encryption was mandated, ad-hoc unless otherwise specified. Between the ISPs, the NAT-is-all-you-need lobbyists and the NSA, most of the neat stuff got ripped out.

IPv6 still does far, far more than just add addresses and simplify routing (reducing latency and reducing the memory requirements of routers), but it has been watered down repeatedly by people with an active interest in everyone else being able to do less than them.

I say roll back the protocol definition to where the neat stuff existed and let the security agencies stew.

Comment: What is wrong with SCTP and DCCP? (Score 4, Interesting) 84

by jd (#49503031) Attached to: Google To Propose QUIC As IETF Standard

These are well-established, well-tested, well-designed protocols with no suspect commercial interests involved. QUIC solves nothing that hasn't already been solved.

If pseudo-open proprietary standards are de-rigour, then adopt the Scheduled Transfer Protocol and Delay Tolerant Protocol. Hell, bring back TUBA, SKIP and any other obscure protocol nobody is likely to use. It's not like anyone cares any more.

Comment: Re: Must hackers be such dicks about this? (Score 1) 270

by jd (#49500235) Attached to: FBI Accuses Researcher of Hacking Plane, Seizes Equipment

He claimed he could hack the plane. This was bad and the FBI had every right to determine his motives, his actual capabilities and his actions.

The FBI fraudulently claimed they had evidence a crime had already taken place. We know it's fraudulent because if they did have evidence, the guy would be being questioned whilst swinging upside down over a snake pit. Hey, the CIA and Chicago have Black Sites, the FBI is unlikely to want to miss out. Anyways, they took his laptop, not him, which means they lied and attempted to pervert the course of justice. That's bad, unprofessional and far, far more dangerous. The researcher could have killed himself and everyone else on his plane. The FBI, by using corrupt practices, endanger every aircraft.

Comment: Re: Must hackers be such dicks about this? (Score 1) 270

by jd (#49500221) Attached to: FBI Accuses Researcher of Hacking Plane, Seizes Equipment

Did the FBI have the evidence that he had actually hacked a previous leg of the flight, or did they not?

If they did not, if they knowingly programmed a suspect with false information, they are guilty of attempted witness tampering through false memory syndrome. Lots of work on this, you can program anyone to believe they've done anything even if the evidence is right in front of them that nothing was done at all. Strong minds make no difference, in fact they're apparently easier to break.

Falsifying the record is self-evidently failure of restraint.

I have little sympathy for the researcher, this kind of response has been commonplace since 2001, slow-learners have no business doing science or engineering. They weren't exactly infrequent before then.

Nor have I any sympathy for the airlines. It isn't hard to build a secure network where the security augments function rather than simply taking up overhead. The same is true of insecure car networks. The manufacturers of computerized vehicles should be given a sensible deadline (say, next week Tuesday) to have fully tested and certified patches installed on all vulnerable vehicles.

Failure should result in fines of ((10 x vehicle worth) + (average number of occupants x average fine for unlawful death)) x number of vehicles in service. At 15% annual rate of interest for every year the manufacturer delays.

Comment: Re: In summary (Score 1) 57

by jd (#49453131) Attached to: GCC 5.0 To Support OpenMP 4.0, Intel Cilk Plus, C++14

ADA updates would be good, bringing in the Spark 2014 and early 2015 extensions would have been nice. (Spark is a mathematically provable dialect of ADA. Well, mostly. Apparently, you can't prove floating point operations yet because nobody knows how. Personally, I think it's as easy as falling off a log table.)

There are also provable dialects of C and it would be nice if GCC had a flag to constrain to that subset. Using multiple compilers is a good way of producing incompatible binaries and nasty interactions. GCC has no business having limitations. :)

With work on KROC at a standstill, we have a reference compiler that talks Occam Pi. Occam is a very nice language to work with but working through archaic Inmos blobs is tiresome and limiting.

Code quality in GCC and GlibC is still poor, the stability of internal interfaces is derisory (these should be generated from abstract descriptions, ensuring the flexibility GCC wants and the usability interface developers want) and the egos of the developers should be taken out and shot. However, it's still one of the best environments out there. Those that are better at specific things are usually carrying three to four digit price tags. I'd write in hand-turned assembly before paying for unquantifiable products that I won't even own.

Comment: Re: In summary (Score 1) 57

by jd (#49453043) Attached to: GCC 5.0 To Support OpenMP 4.0, Intel Cilk Plus, C++14

Different animal. Cilk has specific instructions for parallelising loops and similar. It looks like a similar concept to Fortran's capacity to turn anything that can be done as a vector rather than as a sequential operation into a vector instruction.

OpenMP parallelizes at the block level rather than the instruction level. By all accounts (notably comments on the ATLAS mailing list), the performance is terrible.

Comment: Re:cryptobracelet (Score 2) 116

by Thagg (#49449879) Attached to: 'Let's Encrypt' Project Strives To Make Encryption Simple

We'll see.

It's absolutely wrong that I am proposing a 'stealable' ID. No, it's not that at all. Like NFC (ApplePay and others) you don't send out your ID, your bracelet will engage in a two-way conversation that uses generates unique identifiers every time that prove that it's you without giving the system communicating with you the ability to impersonate you. It's not hard at all; we should have been doing this years ago. This is described in Bruce Schneier's Applied Cryptography twenty-fucking-years ago. Chapter 21(Identification Schemes) describes "zero-knowledge proof of identity". Curiously, researchers Feige, Fiat, and Shamir submitted a patent application in 1986 for this, but the Patent Office responded "the disclosure or publication of the subject matter ... would be detrimental to the national security..." The authors were ordered to notify all Americans to whom the research had been disclosed that unauthorized disclosure could lead to two years' imprisonment, a $10,000 fine, or both. Somewhat hilarious, as the work was all done at Weizmann Institute in Israel.

That said, I do think that groups like the NSA and FBI have been quite successful in keeping people (like Jeff4747) remarkably uneducated. Banks, credit card companies, and groups like Google that make gigabucks tracking people have held back from doing things right as well -- and they're paying for it today.

To say again. It is easy to build a system that would securely verify that you have authority to do something, without giving the ability for somebody else to impersonate you. It's somewhat more challenging than printing number in plastic on a credit card, but only a tiny bit more challenging.

This will happen. Once it does people will wonder why it took so long.

"If you don't want your dog to have bad breath, do what I do: Pour a little Lavoris in the toilet." -- Comedian Jay Leno

Working...